Bitcoin soared past $50,000 per coin for the first time on Tuesday, and three days later its market cap surpassed $1 trillion. To say the cryptocurrency and altcoins have been on a tear is an understatement — especially after Tesla (TSLA) bought $1.5 billion in bitcoin earlier this month. And as the prices of these digital assets increase, so does the temptation to heist cryptocurrency.
The Justice Department unsealed an indictment Wednesday alleging North Korean military hackers schemed to steal money and cryptocurrency around the world as part of a larger plot involving Sony Pictures. That indictment spurred a warning from the FBI and Department of Homeland Security: Hackers are upping their game to steal cryptocurrency.
But it’s not just nation states stealing digital wallets worth millions. Cybercriminals are increasingly targeting individuals and businesses to surreptitiously mine cryptocurrency using unsuspecting victims’ computer systems in a cyberattack called cryptojacking.
“We’ve certainly seen in the past, a pretty reasonably good correlation between the price of bitcoin and the amount of cryptojacking activity,” Chester Wisniewski, principal research scientist at cybersecurity firm Sophos, told Yahoo Finance.
Experts say there are ways to reduce vulnerability to attacks by following basic and more sophisticated cybersecurity measures, starting with secure passwords.
International cybercriminals are stealing millions
North Korea and Iran, which are subject to U.S. sanctions, have leaned on cyberattacks against digital wallets to grow their coffers.
“North Korea’s operatives, using keyboards rather than guns, stealing digital wallets and cryptocurrency instead of stacks of cash, have become the world’s leading bank robbers,” federal prosecutor John Demers told reporters this week after the indictment was unsealed.
Prosecutors allege hackers working for North Korea’s government targeted cryptocurrency companies and stole tens of millions of dollars’ worth of cryptocurrency, including $11.8 million from a financial services company in New York in 2020. The hackers used malware called CryptoNeuro Trader as a backdoor into victims’ computers, stealing $24 million from an Indonesian cryptocurrency company in 2018, and $75 million from a Slovenian cryptocurrency company in 2017, according to the indictment.
The malware provided a backdoor to steal private keys, the indictment said. The illegitimate software was marketed under names including Celas Trade Pro, WorldBit-Bot, iCryptoFx, Union Crypto Trader, Kupay Wallet, CoinGo Trade, Dorusio, CryptoNeuro Trader, and Ants2Whale.
“It appears that this malware is very sophisticated, in the sense that it is impersonating a legitimate piece of software…which is a powerful concept,” says Yehuda Lindell, CEO and co-founder of Unbound Tech, which provides cryptographic infrastructure, including key management and protection.
While crypto asset holders may avoid clicking on an unfamiliar link, Lindell said, they might be more inclined to install an update that appears to come from a trading platform.
“Once you have malware, that has access to whatever keys you have done, then obviously that malware can go ahead and do whatever it wants and steal your funds,” Lindell said. “If somebody manages to steal your funds, there’s actually no way of getting them back, at all.”
Another problem is that not all cryptocurrency exchanges have the same security posture, compared to traditional banks, Lindell said….